P2P Scammers' Lawyers Attack Open Source Team

An anonymous reader writes "Late last year a company affiliated with the French RIAA hijacked the Shareaza.com domain name from the original, open source project's owner. They are passing off their own for-pay software, which violates the GPL, as the real thing. Now, having stolen the Shareaza project's identity, the scammers are threatening legal action to shut down the real open source team."

direct link

[Plunky (929104)]

direct link to the website: www.shareaza.com [shareaza.com]

though I didn't find it very interesting..

Re:

[Plunky (929104)]

I should say, that the comments that the lawyers were objecting to was a thread regarding setting up the real shareaza program to query the www.shareaza.com [shareaza.com] site in order to perform a distributed denial of service attack on it and put it under.

Of course, suggesting any such thing must be illegal, and organising such an attack even in retaliation is not going to be good for your karma.

IMHO they should just have changed the name of the program and got a new domain name

Re:

[Calinous (985536)]

And see history repeating itself? Create a new name for their program and promote it, only to lose it after a while?

Re:direct link

[Loke the Dog (1054294)]

Yes, exactly.

History of the Swedish newspaper Aftonbladet:

When it was first published in 1830 by Lars Johan Hierta, it was a tabloid that reported news and also criticised the new Swedish king Charles XIV John. The king stopped Aftonbladet from being printed and banned it, this was answered by starting the new newspaper "Det andra Aftonbladet" (The second Aftonbladet), which was subsequently banned, followed by new versions named in similar fashion until the newspaper had been renamed 26 times, after which it was allowed by the king. [1]

Kinda similar.

Re:direct link

[Brian Gordon (987471)]

Oh yeah, they get their domain name illegally hijacked so they should just change the name of their entire project.

Don't do that!

[ArsenneLupin (766289)]

You'll get Slashdot in trouble. Indeed, by your link you effectively trigger a Dos against the shite, by means of Slashdot effect!

Re:Don't do that!

[russ1337 (938915)]

...you effectively trigger a Dos against the shite

Sean Connery? is that you?

Re:Don't do that!

[spun (1352)]

...you effectively trigger a Dos against the shite

Sean Connery? is that you?

Yesh, and I DOShed your wife's shite lasht night, Trebeck.

maybe not accessible ...

[Fallen Andy (795676)]

... if you've got Spybot-SD installed then your local hosts file maps shareaza.com along with many other junk sites to 127.0.0.1. (For a moment I thought they'd been slashdotted (grins)).

Andy

Re:

[by Anonymous Coward]

firefox also pops up a warning that http://www.shareaza.com/ [shareaza.com] is a 'suspected web forgery' / phishing site. nice.

Reminds me of a story...

[Darundal (891860)]

...from a while back in which some hardware counterfeiters in china got to the point where they where actually paying a firm for R&D for new products.

Re:Reminds me of a story...

[paeanblack (191171)]

...from a while back in which some hardware counterfeiters in china got to the point where they where actually paying a firm for R&D for new products.

A hundred years ago the same thing was happening here in the US. Intellectual property law enforcement was non-existent in practice. US companies were ripping off European IP and then grew to the point when they needed their own R&D to compete with other US companies doing the same thing. Oddly enough, right about the time when serious commercial research was starting to take off in the States, the US IP laws grew some real teeth.

History is a funny thing. It almost seems like it keeps repeating itself.

Interesting move by the French RIAA

[downix (84795)]

First they work to strengthen copyright laws to the point that they make capital murder seem less a crime, THEN they help a group which targets a GPL piece of software, and as we all know, the GPL utilizes the full strength of Copyright for it's own power... They are about to reap what they have sown.

Re:

[Ice Tiger (10883)]

Exactly if Discordia took the source, modified it and do not provide access to it as has been implied then they are far game for a copyright infringement lawsuit. If the original authors don't want to do it then maybe give the copyright to the EFF who WILL go after them. Also maybe drum up some press about the copyright infringement and their link to the French RIAA as that will surely stink PR wise.

Is this more Discordian FOSS acquisition?

[srck (1099727)]

A quick google for "Discordia Limited" turned up jzip.com - "Based on 7-Zip technology by Igor Pavlov" is the strap line for the site (its a Winzip-style compression tool). Is this another occurrence of their appropriation of open source products?

Re:Interesting move by the French RIAA

[SharpFang (651121)]

Exactly if Discordia took the source, modified it, distributed it and...

Don't skip that step. You're allowed to make GPL into closeware ("nobody but me is allowed to use it"), but you can't distribute it to others without sources.

Re:

[Ice Tiger (10883)]

It wouldn't be an extensive P2P network if they didn't distribute their client. :)

Anyway after digging around they rebranded their own client they use for their other networks thus didn't violate the GPL at all. Maybe the open source guys can register the name as a trademark and go after them that way.

Re:Interesting move by the French RIAA

[jrumney (197329)]

They don't seem to be distributing the Shareasa client. They seem to be distributing the iMesh client rebadged as Shareasa 4. The only copyright infringement seems to be the use of the Shareasa project's logo on their website. The biggest problem is trademark infringement and passing off, but the former is going to be difficult to pursue without registering the trademark first, which they don't have the money for.

Re:

[ArsenneLupin (766289)]

First they work to strengthen copyright laws to the point that they make capital murder seem less a crime,

Stupid move. So, if you're accused of violating some copyright, maybe killing a lawyer or 2 may get out of the original charge (for lack of "witnesses"...), and you'll be stuck with the lesser charge of capital murder...

THEN they help a group which targets a GPL piece of software, and as we all know, the GPL utilizes the full strength of Copyright for it's own power...

Well, the only trouble is that the shysters didn't violate copyright law, but rather trademark law. These are not the same thing, (un)fortunately.

Re:

[elrous0 (869638)]

Welcome to Sarkozy-era France, mon ami!

Interesting name...

[tnoren (1246462)]

The French Recording Industry Association of America i know i know "it's just the equivalent"

Smoking in the licence agreement...

[craig1709 (1113765)]

"SMOKING

Smoking overall is bad for you. It gives you bad breath and may kill you sooner than you'd expect." - the licence agreement [shareaza.com]
All I can say is: WTF?

Re:

[tripmine (1160123)]

Now here's the fun part...

If you can read this, you don't need glasses. :)

Are they trying to be hip? or cool? or straight up gangsta from the hood? They had me there for a second. Until they blantantly violated the GPL and stole a trademark and still pretend like nothing happened.
Makes me sick.

Not so black & white

[LilWolf (847434)]

While the company may violate the GPL, their legal note says they want some threads removed from the forum that contain instructions on how to conduct an DoS attack against them. That may or may not be illegal where you live, but in no case does it gather sympathy from me.

If they're violating the GPL then sue them for that, but don't complain if they come at you for something that's likely illegal where ever you live.

Do better than that

[roman_mir (125474)]

Warning to Shareaza users by the original team:

ShareazaV4, is totally fake. It violates the open-source license, GPL (Version 2) in many ways. Also, it isn't free nor open source. It requires a subscription and installs a suspicious toolbar. You can read what happened from this reference list: http://tinyurl.com/2cx7ff [tinyurl.com]

Please, update your Shareaza version to Shareaza 2.3.1.0, and change the site from Shareaza.com to the new official site at Sourceforge: http://shareaza.sourceforge.net/ [sourceforge.net] .

The short version of why this is happening from the article:

A company trying to pass itself off as vendors of the open-source file-sharing software Shareaza, has set the legal dogs on the real Shareaza forum. Discordia Ltd, who earlier turned Bearshare and iMesh into pay services, demanded action after a member of the real Shareaza forum suggested a DOS attack on the site.

This is due to this suggestion by real shareaza forum user [66.102.9.104] :

Make it so the real shareaza program queries their site [shareaza.com] every couple of seconds. As an individual user this won't take much personal bandwidth. But all shareaza users worldwide put together should be enough to kill their server and they won't really be able to do much since it will be coming from so many different IPs.

The letter by the shyster hired by the thief/impersonator of the shareaza domain and project:

This law firm represents Discordia, Ltd., the operator of the website Shareaza.com and owner of the rights in the Shareaza branded software distributed from that domain. Please be advised, that your forum contains a string of posts under the title: "suggestion to kill Shareaza.com." Under the string, the poster, RedSquirrel offers directions for users of Shareaza software to implement a DoS that would have the effect of destroying or seriously impairing our client's application and network. The poster OldDeath also offers a manner to illegally attack our client's business.

Despite whatever complaints your forum's users may have with our client's proper and legal business activities, the type of activity promoted on your forum is illegal. Therefore, we request that you immediately remove this string of posts and any future strings of this nature. My client respects your users' rights to express their points of view. However, the line is crossed when users begin to promote the destruction of a legitimate business (evidently based on out some misguided belief that artists and others who create music should not be fairly compensated for their efforts) via illegal or other predatory means.

If the above cited illegal activity on your site does not immediately cease and desist, our client will take all necessary action to vigorously and relentlessly protect its rights. To be clear, if this action is not immediately taken and, as result, our client's business is harmed, we will not only pursue, locate and hold fully responsible each and every one of those who have implemented this, or any similar DoS, but also those responsible for maintaining your site and the forums.

Please confirm that the requested action is being taken immediately.

Jeffrey A. Kimmel

Meister Seelig & Fein, LLP
140 E. 45th St., 19th Fl.
New York, NY 10017
(212) 655-3578

I suppose the law is in their hands in terms of a DDoS attack, so it would be more correct to sue the impersonator/thief for t

Re:Do better than that

[downix (84795)]

To claim that forum trolls represent a project is a weak tactic, and had been thrown out of court in every case I have studied.

Re:

[FictionPimp (712802)]

You would think an offical post of "Let's not stoop to their level and DoS attack" would be enough. I see no reason to remove the posts. However, France is different and I'm not sure about what you are allowed to say legally. I wonder how this differs from say making a post on my blog that encourages people to go to theaters and yell "fire"

Re:

[roman_mir (125474)]

However, France is different and I'm not sure about what you are allowed to say legally.

- http://www.shareazasecurity.be/ [shareazasecurity.be] is not French, it's Belgium's and the shysters are from NY.

Re:Do better than that

[ArsenneLupin (766289)]

I suppose the law is in their hands in terms of a DDoS attack, so it would be more correct to sue the impersonator/thief for trademark and copyright violations if they indeed are violating the GPL and are using 'shareaza' name on their 'competing' software.

It's not actually a DDoS attack, but rather millions of shareaza instances probing the shareaza site for updates. A thing many other software packages (such as virus scanners, or even Windows itself) do routinely. The shareaza authors are perfectly within their rights to do this. Too bad only that somebody hijacked the shareaza domain, and that the relevant URL didn't contain the appropriate CGI to manage the update, and even less the needed cryptographic signatures to validate itself. Too bad also that shareaza probes again real soon after a failure, and only a day after a success.

Oh, and Meister Seelig needs to be very careful where he steps, so that he doesn't accidentally perjure himself by claiming rights that his clients doesn't have... In his first letter he seems to have avoided the obvious traps (... simply by not using the term "under penalty of perjury ...) but I'm sure that as soon as the action starts, and more letters become necessary, he will end up making a mistake.

The appropriate reaction to such a letter is to ask the shyster lawyers whether they are ready to uphold their claims under oath in front of a court of law...

Re:

[Maxo-Texas (864189)]

So basically Jeffrey A. Kimmel said the following...

PLEASE WIDELY PUBLICIZE MY CLIENTS AND CAUSE UNENDING DOS ATTACKS ON THEM.

Thank you,
Jeffrey A. Kimmel

Meister Seelig & Fein, LLP
140 E. 45th St., 19th Fl.
New York, NY 10017

Re:

[roman_mir (125474)]

1. Noone is complaining about the money part of this, GPLed software can be sold.

2. Installing a suspicious toolbar has nothing to do with the GPL, but it does so under the disguise of the 'real' Shareaza project. This casts a shadow and causes problems to the real project.

3. DDOS attack is not necessary in this case, only a copyright / trademark lawsuit is necessary, but if a DDOS will make the thief/impersonator suffer in this case it is a good thing, it provides moral support to the real project's peopl

Looks like the DOS will happen after all

[by Anonymous Coward]

It would appear as if the DOS attack announced in the official sharezaa forum will happen after all. Slashdoters, visit and reload http://www.shareaza.com/ [shareaza.com] as many times as you can.

Turnabout is fair play

[abbamouse (469716)]

Aw, someone stole the Shareaza name and used it for their own proprietary crap. I seem to remember something like this from a few years back, except the term is question was Gnutella and an incompatible protocol stealing its name and calling itself "Gnutella 2." Karma can be a bitch sometimes.

Re:

[hcmtnbiker (925661)]

Mod this parent up he's not a Troll. Mike's Protocol [wikipedia.org] is exactly that. He used the gnutella name as only a means to get people to download his project. It has nothing to do with either gnutella, or the group guiding the original gnutella protocol. Stealing a name is something they've done, just because they're FOSS doesn't meant they're automatically good themselves.

Darn, now I have to RTFA

[sm62704 (957197)]

Late last year a company affiliated with the French RIAA hijacked the Shareaza.com domain name from the original

The French "Recording Industry Association of America? WTF?

Kdawson, please have some more coffee before you "edit" the next story, ok?

Re:Darn, now I have to RTFA

[drawfour (791912)]

No, it stands for "Recording Industry Association of Assholes". Applicable for any country.

"turnaboutisfairplay"? Get a clue.

[by Anonymous Coward]

People saying this is fair game since P2P software can be used for piracy are completely failing at understanding the issues here. P2P software can be used for legal file sharing - we do it all the time with Linux distributions. I used to use Shareaza's bittorrent client for exactly that while in Windows. Not all use of Shareaza is illegal, but violating the GPL is ALWAYS illegal if that's what happened. Passing your product off as someone else's product, filling it with spyware, and stealing their doma

Re:

[Constantine XVI (880691)]

I'm pretty sure the event in question is Gnutella2, a completely incompatible (with the original Gnutella) protocol developed by the Shareaza team. Shareaza, the people that "hijacked" the Gnutella name, got their name hijacked.

Re:

[Klaus_1250 (987230)]

IANAL, but, I'm also wondering about validity of the copyright claims of Discordia Ltd. At the bottom of the pages, it says either:

© 1999-2008 Discordia Ltd. All rights reserved.

or

© 1999-2008 Shareaza All rights reserved.

Apart from violating the GPL and infringing on trademarks/copyrights, they also make false/invalid (copyright) claims by stating copyright as of 1999. Isn't there a law against this as well?

its happened before on a grander scale..

[apodyopsis (1048476)]

NEC - yes thats right the major international corp. - found a entire fake NEC outfit working in China, complete with factories, hundreds of employees, using the same logo, letterheads and even staff ID badges. They found out when kit started coming back for repair that they had not even made. its still one of my favorite China fake goods stories, because you just could not make it up.

Think I'm joking? I assure you I am not, here are some references...
http://www.eetindia.co.in/ART_8800416910_1800007_NT_5c0424e2.HTM [eetindia.co.in]
http://www.eetimes.com/showArticle.jhtml?articleID=187200176 [eetimes.com]
http://www.nytimes.com/2006/05/01/technology/01pirate.html [nytimes.com]
http://www.smh.com.au/news/biztech/slick-pirates-seize-entire-brand/2006/05/29/1148754904830.html [smh.com.au]

The hardest thing is sometimes to persuade people that what they are doing in actually wrong in the first place, I guess this is the case with Shareaza.

One Way To Easily Defeat French Scammers ...

[blcamp (211756)]

Just declare war on them.

Re:

[by Anonymous Coward]

Still bitter that they wouldn't rubber-stamp your oil-war?

Re:

[sumdumass (711423)]

It is ironic that the only connection to oil is also the french's rejection of the war. It has been shown that France has secrete oil deals in violation of UN sanctions worth billions that they stood to lose with an invasion and war in Iraq. It has also been suggested that their chumming with Iraq and their promise of a Veto on a war resolution in the UN was connected to those deals. I can also understand the UN's reaction to us invading around them when the top leaders family was tied in with the French co

a quick strings shows they do have the same parent

[by Anonymous Coward]

I downloaded the exe from shareaza.com and unpacked it (strings showed it was a wise installer, google wise unpack)
strings shareaza.exe gave loads and loads of function names error messages etc.
Downloaded the source from real shareaza (from sourceforge) ran grep against those names and everyone tried matched.
I need to try and do a proper comparasion, but IMHO the exe is created from the a branch of the open source 'true' version

What GPL code are they using?

[Skapare (16644)]

What GPL code are they using? Are they actually using some identifiable GPL code in their distributed software without complying with the GPL licensing requirements? Are they using the original SHAREAZA team's actual software (modified to do the nasty things)? All I see in the article are issues regarding an allegation of a stolen domain and an allegation of a plot to perform a distributed denial of service attack. If they did in fact make any use of GPL software without complying with the GPL licensing (such as making the source code available to anyone they distribute the software to), then by all means pursue legal remedies for that. Otherwise, the standing issues are the stolen domain and DDoS plot.

Oh, delicious irony.

[The Ultimate Fartkno (756456)]

FTA:

"It's no surprise that emotions run high when people are ripped off..."

It's not getting "ripped off," it's SHARING!

Typical scammer behaviour

[anticypher (48312)]

Although TFA mentions the French equivalent of the RIAA, I'm puzzled at which it could be. Is it the IFPI, or the only group with legal jurisdiction in France, the SNEP? I can't find any other reference to France or French companies.

The original shareaza.com site resolves to an IP address (207.232.22.55) in New York, but listed with a fake front company with an Israeli ISP. The ISPs netvision.net.il and elron.net are known pink-contract, i.e. spammer friendly, hosting companies, they've been known to set up netblocks for spammers and run them until they are in every blacklist, then migrate in another netblock for the spammers. Most of the dodgy hosting is done in the U.S. and Russia. elron.net has been associated with the Russian Business Network, but a quick google doesn't turn up any easy links to back that up.

Someone posted above about shareazasecurity.be (195.47.247.137), but that goes to a server hosted in Denmark.

Although there is some mis-direction by throwing international company names into the mix (a classic scammer tactic), this appears to be mostly a U.S. based operation.

the AC

SCPP

[Midnight Thunder (17205)]

As many observant /.ers have pointed out, it is not the French RIAA, since the last 'A' is America, and last time I looked France is in Europe (despite some beliefs [youtube.com]). The French equivalent of the RIAA is the SCPP [www.scpp.fr] (Société Civile des Producteurs Phonographiques).

page source shows all redirected - shareazaweb.com

[Locutus (9039)]

there's nothing on the www.shareaza.com/index.html page referencing page components from the base shareaza.com domain. It's all redirected to shareazaweb.com, a GoDaddy.com registered domain with DNS entries going to Israel.

DNS1=NETVISION.NET.IL
this is all in a hebrew-looking language and unreadable by me

DNS2=ELRON.NET
nowhere did I find in the list of companies they own for IT software does it list Shareaza

Many might already have noticed that Firefox flags this as a possible hijacked site and it sure looks like a strange partnership is behind this. IMO.

raw whois data:

$ whois shareazaweb.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net/ [internic.net]
for detailed information.

      Domain Name: SHAREAZAWEB.COM
      Registrar: GODADDY.COM, INC.
      Whois Server: whois.godaddy.com
      Referral URL: http://registrar.godaddy.com/ [godaddy.com]
      Name Server: DNS.NETVISION.NET.IL
      Name Server: NYPOP.ELRON.NET
      Status: clientDeleteProhibited
      Status: clientRenewProhibited
      Status: clientTransferProhibited
      Status: clientUpdateProhibited
      Updated Date: 28-nov-2007
      Creation Date: 22-nov-2007
      Expiration Date: 22-nov-2008

>>> Last update of whois database: Tue, 26 Feb 2008 15:28:26 UTC

Re:

[Klaus_1250 (987230)]

I think they should start by getting their domain-name back, filing a complaint with WIPO should set that in motion. Pretty sure they stand a decent chance. The only issue is that Shareaza misses someone with a getting-the-job-done hands-on mentality which can pretty much be seen in the Shareaza client. Poor ed2k support, minimal bittorrent support, problematic Gnutella-support, no continued development of G2, ...